IsthislegitDashboard to collect, analyze, and respond to reported phishing emails.
Android DisassemblerDisassemble ANY files including .so (NDK, JNI), Windows PE(EXE, DLL, SYS, etc), linux binaries, libraries, and any other files such as pictures, audios, etc(for fun)files on Android. Capstone-based disassembler application on android. 안드로이드 NDK 공유 라이브러리, Windows 바이너리, etc,... 리버싱 앱
Gg Shield ActionGitGuardian Shield GitHub Action - Find exposed credentials in your commits
PcapvizVisualize network topologies and collect graph statistics based on pcap files
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
CobraSource Code Security Audit (源代码安全审计)
EbpfeBPF Utilities, Maps, and more
Grapefruit(WIP) Runtime Application Instruments for iOS. Previously Passionfruit
Android Pin BruteforceUnlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)
Privacy.sexyOpen-source tool to enforce privacy & security best-practices on Windows and macOS, because privacy is sexy 🍑🍆
KubestrikerA Blazing fast Security Auditing tool for Kubernetes
FsfFile Scanning Framework
Shed.NET runtime inspector
CameradarCameradar hacks its way into RTSP videosurveillance cameras
ZbangzBang is a risk assessment tool that detects potential privileged account threats
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Honggfuzz RsFuzz your Rust code with Google-developed Honggfuzz !
DeephackPoC code from DEF CON 25 presentation
AaiaAWS Identity and Access Management Visualizer and Anomaly Finder
Iot PtA Virtual environment for Pentesting IoT Devices
Werdlists⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases
MoslBash script to audit and fix macOS Catalina (10.15.x) security settings
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
LimitrrLight NodeJS rate limiting and response delaying using Redis - including Express middleware.
PwnbackBurp Extender plugin that generates a sitemap of a website using Wayback Machine
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Aws Auto RemediateOpen source application to instantly remediate common security issues through the use of AWS Config
Fudgec2FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
RevshellgenReverse shell generator written in Python 3.
Apk Meditmemory search and patch tool on debuggable apk without root & ndk
Security ScriptsA collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
DufflebagSearch exposed EBS volumes for secrets
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
StegcloakHide secrets with invisible characters in plain text securely using passwords 🧙🏻♂️⭐
Dnxfirewalldnxfirewall (dad's next-gen firewall), a pure Python next generation firewall built on top of Linux kernel/netfilter.